2024-01-28_daa82ca436f03a5e62ba73e48050691a_karagany_mafia

Sharing

Copy URL

Twitter E-mail

General

Target

2024-01-28_daa82ca436f03a5e62ba73e48050691a_karagany_mafia
Size

124KB
MD5

daa82ca436f03a5e62ba73e48050691a
SHA1

775fbe013ed433ec193d0d1c59c82d65ce5a901d
SHA256

e019a9c078fe2f56d9e8965e77a7528ad10591ac7da5fcc32216f41c8bf27e41
SHA512

aeeef2cafcbca63cde5bdef3791ccfe0f7ced7d165e5df56bf20b9ca79b03da35c845df2345303c18686738ada8fc711a516926fc4adb2beec83347e59481160
SSDEEP

3072:lPMsNke49JpUSuv/l187Olu9yRnjD99OLAWGDmddo:lj349JeNl1875WnjB2AWPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-01-28_daa82ca436f03a5e62ba73e48050691a_karagany_mafia

Files

2024-01-28_daa82ca436f03a5e62ba73e48050691a_karagany_mafia
.exe windows:5 windows x86 arch:x86

a0aa8521c1da5e15ea46e1b48798fc26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
CreateDirectoryA
Sleep
GetACP
GetCurrentProcessId
FreeLibrary
LoadLibraryA
LocalAlloc
GetProcAddress
CompareStringW
GetProcessHeap
SetEndOfFile
CreateFileW
RaiseException
RtlUnwind
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
IsProcessorFeaturePresent
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
ReadFile
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapCreate
ExitProcess
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapSize
SetStdHandle
LCMapStringW
GetStringTypeW
WriteConsoleW
LoadLibraryW
CreateFileA
GetTimeZoneInformation
HeapReAlloc
SetEnvironmentVariableA

advapi32

RegQueryValueExA
RegCloseKey
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityA
RegCreateKeyExA

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0aa8521c1da5e15ea46e1b48798fc26

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 7KB